Research On Authentication And Key Agreement In Pervasive Computing Environments

After the mainframe computing and the desktop computing, pervasive computing comes up as a new type of computing paradigm. The characters of openness and ubiquity can satisfy people'requirements, but bring more severe challenges than the traditional network. With the growing applicative foreground of pervasive computing in the military and commercial fields, the research on security technology draws more attention. As the basic problem of security in pervasive computing, authentication and key agreement have become the hot areas in the research on pervasive computing nowadays. According to the characters and requirements of pervasive computing, this dissertation researches some key problems of authentication and key agreement. The main contributions of the dissertation are summarized as follows:1. An identity-based anonymous authentication scheme without key escrow (WID-AAS) is proposed. It can realize mutual authentication between the client and the service provider without disclosing the client's true identity to other users, and resolve the problem of key escrow. In addition, it eliminates the bilinear pairing operations and has less calculating expense.2. An anonymous authentication scheme based on one-off public key (OPK-AAS) and an anonymous authentication scheme based on one-off public key and hash chain (OAH-AAS) are proposed. OPK-AAS can achieve perfect security requirements, and OAH-AAS uses the hash chain to achieve the security-efficiency trade-off. Both schemes can realize mutual authentication without disclosing the client's true identity to other users and the service provider, and prevent the user committing. Compared with available anonymous authentication schemes based on blind signature, they have superiority in security.3. Considered the inter-domain authentication in pervasive computing environments, a trusted inter-domain authentication scheme is proposed. It realizes identity authentication by using identity-based signature scheme to construct authentication proof, and uses the remote attestation scheme to verify the trustiness of platform. Compared with available schemes, the proposed scheme has superiority in security.4. Considered the group key agreement in pervasive computing, a new identity-based group key agreement scheme is proposed by combining the identity-based cryptography and STR protocol. Considered nodes joining and leaving the group, group key renewing protocol is proposed, which can guarantee the forward security and backward security of group key. The scheme can achieve security requirements and has less calculating and communicating expense.